crefoaddress.de
HTML metadata
Technology
- Server
- Apache
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- Cookiebot
Third-party hosts loaded (2)
- consent.cookiebot.com×1
- www.googletagmanager.com×1
Contact
- Phone
Registration
- Updated
- 2017-08-21
- Name servers
-
- dns009.arvato-systems.de.
- dns017.arvato-systems.de.
- ns1.arvato-systems.de.
- ns2.arvato-systems.de.
DNS records live
- NS
-
- dns009.arvato-systems.de
- dns017.arvato-systems.de
- ns1.arvato-systems.de
- ns2.arvato-systems.de
- MX
-
- 10 cmx1.servicemail24.de
- 10 cmx2.servicemail24.de
- TXT
-
v=spf1 mx a include:spf.nl2go.com include:spf.protection.outlook.com include:spf.servicemail24.de include:spf.bert.group ip4:54.229.13.110 -all
Certificate (current)
RapidSSL TLS RSA CA G1
Expires in 143 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
base-uri 'self'; default-src 'self'; script-src 'self' 'nonce-3eZoeuwQwtmme9tALOpeLA==' 'strict-dynamic' 'unsafe-eval' *.googletagmanager.com *.analytics.google.com *.cookiebot.com *.leadinfo.com *.leadinfo.net *.licdn.com *.bing.com https://bat.bing.com *.etracker.com *.etracker.de; style-src 'self' 'unsafe-inline' *.googletagmanager.com fonts.googleapis.com *.cookiebot.com; font-src 'self' data: fonts.gstatic.com; img-src 'self' data: *.googletagmanager.com *.cookiebot.com px.ads.linkedin.com https://bat.bing.com; connect-src 'self' *.googletagmanager.com px.ads.linkedin.com *.cookiebot.com *.leadinfo.com *.leadinfo.net *.bing.com *.google.com *.etracker.com *.etracker.de; frame-src 'self' *.googletagmanager.com *.cookiebot.com 'self' crefopay.beaddress.de *.crefopay.de; frame-ancestors 'self' crefopay.beaddress.de *.crefopay.de- strict-transport-security
max-age=31536000; includeSubDomains